Different types of IT attacks continues to be on the rise, and we write about it a lot. They act in specific ways and they find different holes in our software, which makes us vulnerable to attacks.
In our own organisation we currently use an effective EDR, endpoint detection and response, for securing our network. But there’s something an EDR on itself cannot achieve, which is 'best practice'.
There’s another side to cyber attacks that is rapidly increasing, and that is attacking vulnerabilities in organisations first hand instead of our software. It can be anything: a job applicant, sending a resume to HR, but when they open the file it is a malicious code. Or finance receiving an email from another department with the correct name, that an invoice needs to be paid immediately, only to find out later that it was an attack. We experienced this ourselves, where our employee received a phone call from ‘our new IT-guy’ that something was wrong with his computer. Lucky for us, that employee is involved in the hiring process and he knew it wasn't true.
Attacks are becoming more sophisticated and they can work in multi-layered ways, which means that our ways of protecting ourselves can’t be limited to software alone. We need to make sure that staff has the best education and routine to protect against attacks, but we also need to make sure that we have protective software when routines are not enough.
Want to know more? Read secure your network or follow us on more updates.